Apple Faces New Cybersecurity Law in UK

A new British cybersecurity law mandates smart device manufacturers like Apple to enhance protections or face hefty penalties.

The legislation, known as the Product Security and Telecommunications Infrastructure (PSTI) Act, introduces robust requirements aimed at securing devices connected to the internet to make it harder for cybercriminals to get access to private networks.

The law specifically targets the inadequacies in current security measures by mandating three major changes: the elimination of default passwords, a clear protocol for reporting security vulnerabilities, and detailed consumer information on the length of product support and software updates. These stipulations apply to all companies manufacturing or selling smart devices in the UK.

For Apple, the law will necessitate a review of how its products comply with these enhanced standards. While Apple devices do not use default passwords, the company will need to ensure that all of its connected devices sold in the UK clearly communicate the duration of security support to customers. In addition, affected companies are expected to establish or refine their contact points for security issue reporting.

Retailers such as Apple stores are also required to provide customers with point-of-sale information about the cybersecurity practices relevant to the devices they purchase. The PSTI Act also includes strict penalties for non-compliance, with fines that can reach up to £10 million ($12.5 million USD) or 4% of the offending company’s global turnover.

This article, “Apple Faces New Cybersecurity Law in UK” first appeared on MacRumors.com

Discuss this article in our forums